hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-26 17:25:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #14120 from asgerf/dynamic/typemodel-istypeused

Browse Source 
Dynamic: add TypeModel.isTypeUsed
This commit is contained in:
Asger F
2024-06-06 15:31:16 +02:00
committed by GitHub
parent 5deb9002bf 0b78d1d953
commit 6e0f3df573
10 changed files with 90 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/test/library-tests/frameworks/data/test.expected
View File

@@ -79,6 +79,7 @@ taintFlow
| test.js:269:10:269:31 | this.ba ... ource() | test.js:269:10:269:31 | this.ba ... ource() |
| test.js:272:6:272:40 | new MyS ... ource() | test.js:272:6:272:40 | new MyS ... ource() |
| test.js:274:6:274:39 | testlib ... eName() | test.js:274:6:274:39 | testlib ... eName() |
| test.js:277:8:277:31 | "danger ... .danger | test.js:277:8:277:31 | "danger ... .danger |
isSink
| test.js:54:18:54:25 | source() | test-sink |
| test.js:55:22:55:29 | source() | test-sink |

1
javascript/ql/test/library-tests/frameworks/data/test.ext.yml
View File

@@ -11,6 +11,7 @@ extensions:
- ['testlib', 'Member[ParamDecoratorSource].DecoratedParameter', 'test-source']
- ['testlib', 'Member[getSource].ReturnValue', 'test-source']
- ['(testlib)', 'Member[parenthesizedPackageName].ReturnValue', 'test-source']
- ['danger-constant', 'Member[danger]', 'test-source']
- addsTo:
pack: codeql/javascript-all

6
javascript/ql/test/library-tests/frameworks/data/test.js
View File

@@ -272,3 +272,9 @@ class MySubclass2 extends MySubclass {
sink(new MySubclass2().baseclassSource()); // NOT OK
sink(testlib.parenthesizedPackageName()); // NOT OK
function dangerConstant() {
sink("danger-constant".danger); // NOT OK
sink("danger-constant".safe); // OK
sink("danger-constant"); // OK
}

9
javascript/ql/test/library-tests/frameworks/data/test.ql
View File

@@ -2,6 +2,15 @@ import javascript
import testUtilities.ConsistencyChecking
import semmle.javascript.frameworks.data.internal.ApiGraphModels as ApiGraphModels
class TypeModelFromCodeQL extends ModelInput::TypeModel {
override predicate isTypeUsed(string type) { type = "danger-constant" }
override DataFlow::Node getASource(string type) {
type = "danger-constant" and
result.getStringValue() = "danger-constant"
}
}
class BasicTaintTracking extends TaintTracking::Configuration {
BasicTaintTracking() { this = "BasicTaintTracking" }